Submitted URL: http://coronafuckingvirus.com
Effective URL: https://coronafuckingvirus.com/
Submission: On May 23 via api from BE

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 17 HTTP transactions.
The main IP is 185.199.111.153, located in United States and belongs to FASTLY, US. The main domain is coronafuckingvirus.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

Domain
Subdomains
Transfer
7 coronafuckingvirus.com
400 KB
4 gstatic.com
99 KB
2 covidtracking.com
10 KB
2 google-analytics.com
18 KB
2 fonts.googleapis.com
979 B
1 google.de
106 B
1 google.com
176 B
1 doubleclick.net
150 B
1 googletagmanager.com
32 KB
17 9
Domain Requested by
7 coronafuckingvirus.com 1 redirects coronafuckingvirus.com
4 fonts.gstatic.com coronafuckingvirus.com
2 covidtracking.com coronafuckingvirus.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 fonts.googleapis.com coronafuckingvirus.com
1 www.google.de coronafuckingvirus.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com coronafuckingvirus.com
17 9

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
coronafuckingvirus.com
Let's Encrypt Authority X3
2020-04-02 -
2020-07-01
3 months
*.google-analytics.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months
upload.video.google.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months
www.google.de
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months
*.covidtracking.com
Let's Encrypt Authority X3
2020-05-21 -
2020-08-19
3 months
*.gstatic.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Web
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://coronafuckingvirus.com/
  • https://coronafuckingvirus.com/
1 KB
1 KB
Document
General
Full URL
https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
6bfc3a8b8550d01a57038d4b302b0a30a28516d749ed34ef390c063d1bf5b00c

Request headers

:method
GET
:authority
coronafuckingvirus.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
GitHub.com
content-type
text/html; charset=utf-8
last-modified
Tue, 07 Apr 2020 12:35:13 GMT
etag
W/"5e8c7381-5a6"
access-control-allow-origin
*
expires
Sat, 23 May 2020 06:37:58 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
4084:6A42:4D46C:63941:5EC8C26E
accept-ranges
bytes
date
Sat, 23 May 2020 06:27:58 GMT
via
1.1 varnish
age
0
x-served-by
cache-hhn4022-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1590215279.575070,VS0,VE94
vary
Accept-Encoding
x-fastly-request-id
49f2e701890910e2270a34b0d4f8dd489ea19093
content-length
724

Redirect headers

Server
GitHub.com
Content-Type
text/html
Location
https://coronafuckingvirus.com/
X-GitHub-Request-Id
7628:0B87:12D512:17B8B9:5EC8C26C
Content-Length
162
Accept-Ranges
bytes
Date
Sat, 23 May 2020 06:27:58 GMT
Via
1.1 varnish
Age
0
Connection
keep-alive
X-Served-By
cache-hhn4029-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1590215278.316045,VS0,VE95
Vary
Accept-Encoding
X-Fastly-Request-ID
656d593766a5f5abe8b7d9ce90ed1d70e8f0741c
app.ebee7682.css
/css
4 KB
1 KB
Stylesheet
General
Full URL
https://coronafuckingvirus.com/css/app.ebee7682.css
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
29bdc8c6d3c63c05dc6ee32563424beacde73d21fc851c85967848212d61f584

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
f2110c0bf70701baa63608739dfa0ec006c23f8d
date
Sat, 23 May 2020 06:27:58 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
886
x-served-by
cache-hhn4022-HHN
access-control-allow-origin
*
last-modified
Tue, 07 Apr 2020 12:35:13 GMT
server
GitHub.com
x-github-request-id
4C0C:793D:133874:183585:5EC8C26E
x-timer
S1590215279.726147,VS0,VE94
etag
W/"5e8c7381-1017"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Sat, 23 May 2020 06:37:58 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
app.ba64d620.js
/js
8 KB
3 KB
Script
General
Full URL
https://coronafuckingvirus.com/js/app.ba64d620.js
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
111d0ec3499d15c7a9f8faca2244af1305c35c9423885ba118690270fec10efe

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
309775970a16461bd3c7251512a60eef28c83c2a
date
Sat, 23 May 2020 06:27:58 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
2862
x-served-by
cache-hhn4022-HHN
access-control-allow-origin
*
last-modified
Tue, 07 Apr 2020 12:35:13 GMT
server
GitHub.com
x-github-request-id
8656:3A79:12AE4D:179EFE:5EC8C26E
x-timer
S1590215279.726447,VS0,VE94
etag
W/"5e8c7381-1ee6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sat, 23 May 2020 06:37:58 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-cache-hits
0
chunk-vendors.5c417aea.js
/js
154 KB
53 KB
Script
General
Full URL
https://coronafuckingvirus.com/js/chunk-vendors.5c417aea.js
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f6561d3c412d30982811184704727af806f180ecec800b3001e4c0c0ea356d60

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
a0039064e58f4487a5991ed6587171e4aa3e5ad6
date
Sat, 23 May 2020 06:27:58 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
53998
x-served-by
cache-hhn4022-HHN
access-control-allow-origin
*
last-modified
Tue, 07 Apr 2020 12:35:13 GMT
server
GitHub.com
x-github-request-id
E3E8:3C83:1319EA:181B6D:5EC8C26E
x-timer
S1590215279.726484,VS0,VE100
etag
W/"5e8c7381-2667a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sat, 23 May 2020 06:37:58 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-cache-hits
0
js?id=UA-71129605-2
www.googletagmanager.com/gtag
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-71129605-2
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bf8386373af3cdbc03ac1c539074210aaf195267b120b4857e43a44101b61c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:27:58 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33138
x-xss-protection
0
last-modified
Sat, 23 May 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 May 2020 06:27:58 GMT
css2?family=Raleway:wght@300;500;700&display=swap
fonts.googleapis.com
2 KB
514 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@300;500;700&display=swap
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
491674dfb7f94481f82ccfae3aebfce26cd3db612573c0d39f8bbc08ed03efb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 May 2020 06:27:58 GMT
server
ESF
date
Sat, 23 May 2020 06:27:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 May 2020 06:27:58 GMT
icon?family=Material+Icons
fonts.googleapis.com
574 B
465 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 23 May 2020 06:27:58 GMT
server
ESF
date
Sat, 23 May 2020 06:27:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 May 2020 06:27:58 GMT
analytics.js
www.google-analytics.com
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71129605-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6563
date
Sat, 23 May 2020 04:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sat, 23 May 2020 06:38:35 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935&slf_rd=1&random=2073670831
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=799830409&t=pageview&_s=1&dl=https%3A%2F%2Fcoronafuckingvirus.com%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20Cases%20in%20the%20US&sd=24-bit&sr=16...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_gid=751908460.1590215279&gjid=2049932738&_v=j82&z=340560935
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935&slf_rd=1&random=2073670831
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935&slf_rd=1&random=2073670831
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 May 2020 06:27:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 May 2020 06:27:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935&slf_rd=1&random=2073670831
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us
covidtracking.com/api
519 B
834 B
XHR
General
Full URL
https://covidtracking.com/api/us
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/js/chunk-vendors.5c417aea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
0c50c09ca5cff706a72e31720ef2102d806647a0c8ae629f9719875565f72f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7035c975-584f-4415-839d-084974b0f73b-22041215
date
Sat, 23 May 2020 06:27:59 GMT
x-content-type-options
nosniff
age
1
status
200
content-length
519
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
x-frame-options
DENY
etag
"73d72094dd20d12e60ead6d6dd3f88f8-ssl"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Raleway:wght@300;500;700&display=swap
Origin
https://coronafuckingvirus.com

Response headers

date
Tue, 19 May 2020 14:07:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:42 GMT
server
sffe
age
318014
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13228
x-xss-protection
0
expires
Wed, 19 May 2021 14:07:44 GMT
1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Raleway:wght@300;500;700&display=swap
Origin
https://coronafuckingvirus.com

Response headers

date
Wed, 20 May 2020 15:50:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:47 GMT
server
sffe
age
225457
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13752
x-xss-protection
0
expires
Thu, 20 May 2021 15:50:21 GMT
daily
covidtracking.com/api/us
58 KB
9 KB
XHR
General
Full URL
https://covidtracking.com/api/us/daily
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/js/chunk-vendors.5c417aea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
fdb667189c5392c42842d32641b7312c6ed211d33dc770a24f2865eadb1820ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7035c975-584f-4415-839d-084974b0f73b-22041264
date
Sat, 23 May 2020 06:27:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
status
200
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
Netlify
x-frame-options
DENY
etag
"b95f9e33f1d0f7a1ce57393ebe827697-ssl-df"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
covid.f6e0cacc.png
/img
170 KB
171 KB
Image
General
Full URL
https://coronafuckingvirus.com/img/covid.f6e0cacc.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7aefa1ec707b5f1d9f9ab53cd4f8c89142d75bf18b1b6850d46239b5ed14345a

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
bcce180ba5bb120207bd1492f969de82adf92a25
date
Sat, 23 May 2020 06:27:59 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
content-length
174520
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 07 Apr 2020 12:35:13 GMT
server
GitHub.com
x-github-request-id
DD5C:5A00:2D2D:6465:5EC8C26F
x-timer
S1590215280.618082,VS0,VE267
etag
"5e8c7381-2a9b8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sat, 23 May 2020 06:37:59 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-cache-hits
0
1Ptrg8zYS_SKggPNwIYqWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwIYqWqZPANqczVs.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63faac0a35283fa66924f73966386a8e1e41dac3f1c957f9b02c924c7fd0121d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=Raleway:wght@300;500;700&display=swap
Origin
https://coronafuckingvirus.com

Response headers

date
Fri, 22 May 2020 16:07:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:34 GMT
server
sffe
age
51642
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13316
x-xss-protection
0
expires
Sat, 22 May 2021 16:07:17 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50
59 KB
60 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/icon?family=Material+Icons
Origin
https://coronafuckingvirus.com

Response headers

date
Wed, 20 May 2020 07:41:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 01:57:25 GMT
server
sffe
age
254787
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60840
x-xss-protection
0
expires
Thu, 20 May 2021 07:41:32 GMT
covid.f6e0cacc.png
/img
170 KB
171 KB
Image
General
Full URL
https://coronafuckingvirus.com/img/covid.f6e0cacc.png
Requested by
Host: coronafuckingvirus.com
URL: https://coronafuckingvirus.com/js/chunk-vendors.5c417aea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7aefa1ec707b5f1d9f9ab53cd4f8c89142d75bf18b1b6850d46239b5ed14345a

Request headers

Referer
https://coronafuckingvirus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
65e9059c7775c7783adb4f7c41471bbb97cf3ed7
date
Sat, 23 May 2020 06:28:10 GMT
via
1.1 varnish
age
11
x-cache
HIT
status
200
content-length
174520
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 07 Apr 2020 12:35:13 GMT
server
GitHub.com
x-github-request-id
DD5C:5A00:2D2D:6465:5EC8C26F
x-timer
S1590215291.621676,VS0,VE0
etag
"5e8c7381-2a9b8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sat, 23 May 2020 06:37:59 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-cache-hits
1

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://coronafuckingvirus.com/
  • https://coronafuckingvirus.com/
Request 8
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=799830409&t=pageview&_s=1&dl=https%3A%2F%2Fcoronafuckingvirus.com%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20Cases%20in%20the%20US&sd=24-bit&sr=16...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_gid=751908460.1590215279&gjid=2049932738&_v=j82&z=340560935
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-71129605-2&cid=1207272071.1590215279&jid=887329395&_v=j82&z=340560935&slf_rd=1&random=2073670831

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| webpackJsonp object| regeneratorRuntime

3 Cookies

Domain/Path Name / Value
.coronafuckingvirus.com/ Name: _gat_gtag_UA_71129605_2
Value: 1
.coronafuckingvirus.com/ Name: _gid
Value: GA1.2.751908460.1590215279
.coronafuckingvirus.com/ Name: _ga
Value: GA1.2.1207272071.1590215279

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

coronafuckingvirus.com
covidtracking.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com


185.199.111.153
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:814::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c03::9d
2a03:b0c0:3:d0::d24:5001

046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385
0c50c09ca5cff706a72e31720ef2102d806647a0c8ae629f9719875565f72f1b
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
111d0ec3499d15c7a9f8faca2244af1305c35c9423885ba118690270fec10efe
29bdc8c6d3c63c05dc6ee32563424beacde73d21fc851c85967848212d61f584
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
491674dfb7f94481f82ccfae3aebfce26cd3db612573c0d39f8bbc08ed03efb4
5bf8386373af3cdbc03ac1c539074210aaf195267b120b4857e43a44101b61c9
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
63faac0a35283fa66924f73966386a8e1e41dac3f1c957f9b02c924c7fd0121d
6bfc3a8b8550d01a57038d4b302b0a30a28516d749ed34ef390c063d1bf5b00c
7aefa1ec707b5f1d9f9ab53cd4f8c89142d75bf18b1b6850d46239b5ed14345a
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6561d3c412d30982811184704727af806f180ecec800b3001e4c0c0ea356d60
fdb667189c5392c42842d32641b7312c6ed211d33dc770a24f2865eadb1820ce